• Home
  • Know How
  • REUSE rdb: Accessing the Windows Integrated login system from RQL
D0DB8F56BF0D4A1BB8EEFC458CC77446
  • RedDot CMS Blog
  • 18.01.2017
  • EN

rdb: Accessing the Windows Integrated login system from RQL

As you may well know you can configure your CMS to utilise Windows Integrated login. This SSO process will take the login credentials supplied by your browser and use them to automatically log you into the CMS.  Works out of the box in IE when you’re in the Intranet Zone, and can also be made to work in other zones too.

Let’s say you have your CMS setup with this feature, and you have some RQL that you use that runs outside of the normal plug-in architecture.  Not particularly uncommon, we have lots of it, but in this scenario you need to use RQL login commands before you can do anything productive.

If this has happened to you the first place you have looked is the RDCMS.log file to see what the CMS does to perform an integrated login, and this is what you would have found:

 RQL 
<IODATA>
  <ADMINISTRATION action="login" languageid="" sessionid="12345678" useragent="Mozilla/4.0
  compatible; MSIE 8.0; Windows NT 6.1; WOW64; *snip*)" loginkey="" reddottop="top" loginguid=""
  cmsusertoken="35hTKS+8pAmt/79gtpCn2agMB8iCrDtoR0pqTEKBWSA="
  cmsvalidationkey="3546593841743767706E614D1234566F30714542533D" ssohandlerguid=""
  name="" password="********"></ADMINISTRATION>
</IODATA>

Exciting, isn’t it!  Except that I have worked out where the cmsusertoken and cmsvalidationkey attributes come from, and trust me when I say you can’t make them yourself.
 

So what now? Glad you asked.

I created a dead simple plug-in asp page that looks like this:

 ASP vb.NET 
<%
dim oWinAuth, sUserToken, sKey
Set oWinAuth = CreateObject("RDCMSWinAuth.RDWinAuth")
sUserToken = oWinAuth.getUserToken(sKey)
Set oWinAuth = Nothing
Response.Write sUserToken & "|" & sKey
%>

which simply returns the cmsusertoken and cmsvalidationkey attributes in pipe separated format, that can then be plugged into your RQL.  Note this only works if the process executing the web page call has an integrated login account in the CMS and you have to call it each time you want to log in because the values have a built-in expiry system.  The name and password attributes are not required, and you should pass “script” as the value for the useragent attribute.

In my .Net app I simply call it like this:

  ASP vb.NET 
string ret = new WebClient().DownloadString( pluginUri );

then parse out the result.

 

Know How

 

Veranstaltungen

 

Aktuelles

 

Downloads

 

QuickLinks

 

Channel

© 2023 OWUGOpen Text Web Solutions Usergroup e.V.  | Kontakt | Impressum | Datenschutz | Newsletter

Der Open Text Web Solutions Usergroup e.V. (OWUG) hat sich im Februar 2002, auf Initiative von Anwendern und Spezialisten, gegründet und ein herstellerunabhängiges Informationsforum geschaffen. Endanwender und Partner haben sich zusammen gefunden, um durch einen intensiven Erfahrungsaustausch, ihr jeweiliges Knowhow schnell zu erweitern und den erfolgreichen Einsatz des OpenText™ Web Site Management zu fördern. Vor der Übernahme der RedDot Solutions AG durch OpenText™ hieß der Verein RedDot Usergroup e.V. (RDUG).

Wir verwenden Cookies, um das Online-Angebot und das Nutzererlebnis für Sie stetig zu verbessern. Nähere Informationen zur Speicherung von Daten auf dieser Webseite finden Sie unter Datenschutz .